Slashdot Mirror
Peeping Tom Worm That Uses Webcams
Ant writes "The Register mentions a new Windows worm known as Rbot-GR that is currently circulating accross the net. It has the capability to spy on users using webcams. " I'm surprised that it took this long.
Mitch: And from now on, stop playing with yourself!
Kent: It is God!
Real Genius
I don't think I want to see what's on the other side of that computer screen. I prefer to just believe what foxylady687783 tells me she's doing.
I wonder how long it will take for the writer(s) to regret this one. I mean, look at the demographic most likely to own web cams and leave them connected to their computer. Would you really WANT to spy on them?
Now, if you could get your ex-girlfriend (or boyfriend, whatever) to install the trojan...
Right is wrong when left is right.
... a massive supply of horrible focus and bad resolution porn has started to show up on the Internet. Film(s) at 11.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Nothing for you to see here. Please move along.
/. home page. I guess I need that worm to read slashdot now.
That's what I saw when I first clicked on the link to "Read More" for the
Two wrongs don't make a right, but three lefts do.
Kinda funny that first clicking on the story brought up "Nothing for you to see here. Please move along." .. perhaps the /. editors have experienced this web cam worm thing first-hand and are.. covering up, so to speak?
On second thoughts, no.. let's not even go there. *shudder*
I'm surprised that it took this long.
I'm still waiting for the virus to be made that replaced the users background with the goatse.cx (or goat.cx, nowadays) man.
Uh oh... I'm going to have to point my web cam somewhere other than my "den of love" from here on out! How DARE they view me and not pay for it on a monthly basis!
"The object of war is not to die for your country, but to make the other bastard die for his." - Patton
Instead of fixes, I'll be expecting apps to pop up that allows you to view the victims. Some people will really get a kick outta this.
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
Anyone have any idea where these infected machines are listed? Can we get a peek? Cuz I just know that like 90% of unsuspecting hot women like to undress in front of their web cams!
This is an idiotic virus, isn't it? Didn't the author take into account that way more than 99% of the time, webcams aren't pointed at anything interesting?
but have you considered the following argument: shut up.
Finch : God bless the Internet
I whole heartedly agree.
Free XBox, PS2
Methinks that some bored kid got tired of all the webcam pron sites out there and went out to make his own "real" digital version of a voyeur binoculars
Fourty-two!
Whew! For a minute there I thought you said, "I'm surprised that it looks this long."
Meet the Peeping Tom worm By John Leyden Published Monday 23rd August 2004 14:56 GMT A worm that has the capability to using webcams to spy on users is circulating across the Net. Rbot-GR, the latest variant of a prolific worm series, spreads via network shares, exploiting a number of Microsoft security vulnerabilities to drop a backdoor Trojan horse program on vulnerable machines as it propagates. Once a backdoor program is installed on a victim's PC it's game over and an attacker can do whatever takes their fancy. But Rbot-GR comes pre-loaded with functionality specifically designed to control webcam and microphones. Other variants of the worm do not come with this "Peeping Tom" routine, according to AV firm Sophos. "If your computer is infected and you have a webcam plugged in, then everything you do in front of the computer can be seen, and everything you say can be recorded," said Graham Cluley, senior technology consultant for Sophos. "It would be like having a regular web cam conversation except you wouldn't know you're taking part in it." Aside from its voyeuristic behaviour, the Trojan component of the worm will attempt to steal registration information for games and PayPal passwords from infected machines. It's a thoroughly nasty piece of code so it comes as some relief that Rbot-GR hasn't particularly widespread. Sophos has received only as handful of reports about the worm and most vendors rate it as a medium-risk threat. As usual, Rbot-GR is a Windows-only menace. ®
But how a Virus installs the webcam on your computer is beyond me!
Place your sign against a wall, point the webcam to it. Sign says,
WE KNOW WHO YOU ARE. WE ARE CALLING YOUR PARENTS.
Sure, you never find out what happens, but it might be fun.
Small potatoes make the steak look bigger.
Seems like physical security is the only way to be truly certain that your webcam isn't spying on you. Unplug it or cover it up or something when it isn't in use.
I wonder how long it'll be before web sites start popping up with unauthorized videos from hijacked webcams.
Sub 7 / BO and others have given the user *cough* kiddie *cough* this ablility for some time.
Sure they're not a worm, but the idea isn't new.
Funny now that I think about it, but I used to use Sub 7 on my home computer so I could access it from anywhere via an odd port and password protected. I could view my web cam, take control of my computer, ftp files upload and download to where-ever I was.
Honestly, it was an extremely useful program. And when I was done, I'd just shut down the server.
I've moved over to linux so I can ssh now, but as windows went, it was still one of the best remote programs I've ever used.
www.slightlycrewed.com - Because aren't we all?
put black electrical tape over the lens when not using the camera. I thought most people did something to cover the lens or plug the camera.
Jason
ProfQuotes
Geeks can just go any lengths to meet a girl. :-o
:-S
I'd like to know the guy (I assume it's a guy) that made this virus. "Woo, I just got this idea -- if I write a virus to see other users, I might see pr0n!"
Hmm, on second though I'm not sure I'd like to know him.
Beware: In C++, your friends can see your privates!
This is the most insightful post I have ever seen. I see this issue in a whole new light now, that it's Microsoft's fault people write worms for its operating system. The fact that they have bugs in their software on purpose never occurred to me, but now I have seen the light. Your clever use of 'teh' enhances your argument in a way I never thought possible. I truly have a new outlook on life after reading this, and intend to install Linux on every computer I see for the rest of my life, because clearly it is completely bug-free and is never subject to any sort of malicious attack. Thanks!
strange, when i clicked it : nothing happened... except the tiny green light on my webcam started blinking.
"why you tattoring fan sucked doo belly - i have to go buy something to strike you with... excuse me."
I have several people I will be buying webcams for. I'll make sure I install the 'drivers' as well.
C'mon, what are you expecting to see, really? People making out infront of their cameras? Ha!
More likely:
Some drone plodding away at a spreadsheet
A gamer wondering why his framerate just dropped 10% on d00m 3
George W. Bush picking his nose and rolling it into a little ball
A guy with a big beard and mustache, wearing a bedsheet over his head, two-finger typing instructions to a cell to get him early tickets to Sky Captain and the World of Tomorrow, before staging this next deadly attack.
CowboyNeal with food stains all down his tshirt (ecch!)
J. K. Rowling gnawing on the pencil while deciding how the next character dies in Harry Potter. 'Zapped .. eaten .. hmmmm...'
A couple of norwegian guys with a couple paintings propped against the wall behind them.
A Slashdot moderator about to zap this post -- 'Worst post ever!'
William Shatner writing lots of kissing and strutting scenes into his appearance in Enterprise and removing that bit where he's required to act without his toupee on.
An ILM designer creating the next 'Jar Jar' character -- 'No, make it look more like Hello Kitty...
Honestly, voyeurism is this desperate?
A feeling of having made the same mistake before: Deja Foobar
This may very well turn out to be the incentive I need to break my nose picking habit.
Norman Cook's Ode to Sl
Seriously, if someone comes across it, I'm going to second calls for a major /. voyeur party. Just figure out where this thing drops its imagery...
I'm all about pictures of 15-yo gamers picking their nose in front of Doom3. I'd laugh my ******* *** off.
--------------------- -me, Crusher of those who are Foolish (don't be foolish)
The editors are pissed about something and decided to punish everyone, guilty or innocent, by using the IT color scheme.
i'd like to get a version of that and change it a little. what i'd like it to do is open a window and loopback the feed to the host computer. just imagine the look on someone's face when they realize that they are looking at images of themselves from say two minutes prior.
Is it 5:30 yet?
Of course Macs are immune to this virus, but this sort of thing is theoretically possible for a Mac.
That's one of the reasons the iSight is such a great design- you turn your iSight on and off, automatically lauching and closing the iChat software, by twisitng the LENS SHUTTER OPEN AND CLOSED. Unless the virus also implements X-Ray vision in the iSight, I wouldn't worry about it spying on you when you thought it was off.
Can anyone tell me how to set my sig on Slashdot?
Just point your webcam back at your monitor, and surf the IT portion of Slashdot. The voyeurs out there watching your webcam will go blind in short order.
my Logitech Color Quickcam with Kernel 2.6.7 it is highly appreciated. ;-)
You wouldn't catch much of interest in my home office now ("Ooo! Look! He's watching the printer!"), but when I bought my webcam back in college I intentionally sought out a model with a manual power switch and lens cover for this very reason.
Just because you're paranoid doesn't mean they're not out to get you!
this. Ahhh, Back Orifice was fun (as someone else noted).
I remember doing something similar to my friends with an ICQ spoof program, my favorite went something like from UIN(666): "This is Satan, sell me you soul.", UIN(333): "This is God, don't listen to Satan.", UIN(1): "This is your mother, don't listen to either of them." It was even better if they tried to add the new UINs to their contact list and they all came back invalid. (The minimum is something like 1001)
The Register article is short on details, but the trojan does pull paypal and other info from the machine. If they get enough info on you your headshot would be a nice piece of data to have to forge an picture ID.
I know you're kidding, but considering more than half of internet users in the US are always on broadband users and the number of webcams sold/bundled with PCs and you've got yourself quite a number of people to spy on.
Or they might just send wacky pop-ups to solicit expressions like the one this guy is sporting.
install windows. sit back, and relax.
Give 'em something REALLY good to look at.
Scatter a bunch of fake corpses around your room. Splatter a little fake blood and gibs around for good measure, and then put a radial arm saw and sausage grinder off in a corner.
If you suspect the cam is active, throw on a bloody goalie mask and say into the camera... "I know where you live...."
I've never coded a trojan, or even downloaded on on purpose. But I've always wondered why they didn't use the victoms machine better. Setting up a web page on it and then "auto-spam" the url to people using email, p2p, messanger type applications. They could offer a glimpse into someones computer, web camera like your tipical porn site. And then have a option to 'Find other camera' or 'view full page viedo' something along that line, where the user is mislead into installing the 'worm/trojan' on their own computer. In return for installing the trojan they could get better quality, and a list of other infected hosts. After completing the 'registration' or what ever the perps computer would become another infected 'node'. This could lead not only initial infections from exploits, and 'mail clickers', but to a second group of uneducated users who choose to abuse the problem and in the process 'help' spread the infection by people actualy telling their friends about the cool new underground site they found. Make it some nice p2p network and you could have a 24/7 voyuer network set up. Kinda a subseven/kazza type back door hidden, And a interface on a webport allowing others to access the network who don't even need to be infected. The common user would only think, i'm only visiting a site, I'm not running anything on my computer.
Hey, you're right! It goes on the head.
(Score: -1, Stupid)
- the site: uselessjunk.net
- the mirror another poster gave (darn!) http://pics.sjeemz.nl/libby/ [sjeemz.nl]
- PlanetSuzy
+5 Kryptonite?I saw it used for that purpose. A friend of mine had that, and he says "watch this, got this back orifice thing, you control folks computarz and stuff! Gonna turn on this chicks webcam, watch this now...."
so, he does what he does....anticipation......
AAAK, ME EYES!
It was some old lady shuffling around in her bathrobe! Mrs. Lubner deluxe!
HAHAHAHAHAHAHAH!
Yep. It's a catepillar alright. Obviously a species from the family Geometridae. Members of which are commonly refered to as inchworms.
Not quite 20 years, since the Sparc didn't ship til 1990-ish, and the Sun3 didn't have the microphone. /usr/demo/laughter.au (or whatever the sample was called -- the one with several people laughing) to /dev/audio, placing each rsh in the background so all of them went off more-or-less at the same time.
Just the same, the mic and the speaker were really nifty. I was working on homework one night at around 2am, and noticed that a buddy was logged in on console in a lab of 15-20 sparcs. I checked the other machines, and he was the only one (logged in) in the lab, so I hacked out a quick shell script to rsh to each host and cat
A few minutes later, he wasn't logged in anymore.
I pretty much expected this at some point. Which was why I was pretty impressed when the Apple iSight included a physical shutter. If you twist it open, it automatically launches iChat AV. Twist it closed, and no one can see you unless they figure out how to patch the firmware with x-ray vision support!